MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ee575d62f189501bdf9f55b1a12c5ca57c991b16a0c9e7fc81aad01d32c8888f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 2 Yara Comments

SHA256 hash: ee575d62f189501bdf9f55b1a12c5ca57c991b16a0c9e7fc81aad01d32c8888f
SHA3-384 hash: 9b0c03edc3670a44d3c78781ca9f1781d484658c9adc3151a68bdcbb1050a873bd675d0254c5ad233a9661c6b30f92a3
SHA1 hash: dd71986a1379f8e8e465308522bbb76e25b1dbe6
MD5 hash: 29fbd1ae6b42503cd2d0121ead2bd341
humanhash: quebec-spaghetti-nevada-bulldog
File name:Export Documents (2).zip
Download: download sample
Signature n/a
File size:393'324 bytes
First seen:2020-06-30 15:34:51 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 6144:Mv+yZBGmZ3fq/b3nohLfOVf6mV63mbvMhKQ6tCjhTldVB+OSxi2:Mvy6f80hrOVf6DaMgQb+OSB
TLSH 4584236EB330634344789407D0246A61D1DA3071B18373721EB33896EF5BE5AF596AEF
Reporter @jarumlus


Mail intelligence
Trap location Impact
IT Italy Low
Global High
NL Netherlands Low
# of uploads 1
# of downloads 33
Origin country US US
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Kryptik
First seen:2020-06-30 11:56:46 UTC
AV detection:25 of 48 (52.08%)
Threat level:   2/5
Spamhaus Hash Blocklist :Suspicious file
VirusTotal:Virustotal results 16.92%

File information

The table below shows additional information about this malware sample such as delivery method and external references.


zip ee575d62f189501bdf9f55b1a12c5ca57c991b16a0c9e7fc81aad01d32c8888f

(this sample)

Dropped by
Delivery method
Distributed via e-mail attachment